
VLAN on WAN(Ether1) port

Posted: Wed Aug 14, 2019 7:28 pm
by Monkz
Hello! Please help me with the configuration you can see in the attachment.
This is a simplified config; after that I want to add a VPN server (with a separate DHCP address pool) to access the internal (192.168.200.0/24) LAN.

What I need:
1) WAN (Ether1) port should be on VLAN ID 20 with IP 192.168.100.22 (my ISP has 1:1 NAT to this IP)
2) Ether2 port should have IP 192.168.200.2 to access the internal network (the DHCP server for the 192.168.200.128/25 (yes, /25) network is on another router).

I tried to create this config using the MikroTik default config, adding a VLAN to the interfaces, but without luck. I am stuck on assigning this VLAN to the Ether1 interface.

Re: VLAN on WAN(Ether1) port

Posted: Thu Aug 15, 2019 3:55 am
by Sob
- add vlan interface on ether1, name it as you want, give it id 20
- add address 192.168.100.22/xx on your new vlan interface (xx must be correct mask, you should have that from ISP)
- add default route with correct gateway (probably some 192.168.100.x, it's also part of info from ISP)
- if you use default config, add your new vlan interface to WAN interface list

Re: VLAN on WAN(Ether1) port

Posted: Mon Sep 23, 2019 2:59 pm
by Monkz
Sob, thanks a lot - everything works!

My second question is:
1) VPN users get an IP from their own DHCP pool 192.168.99.100-200. How can they access computers in the 192.168.200.1/24 network, since eth2 is connected to the switch (eth3-eth5 are empty)?
2) And an additional question: how can VPN users access the internet using the MikroTik external IP (all traffic from the user goes through the VPN)?

Re: VLAN on WAN(Ether1) port

Posted: Tue Sep 24, 2019 2:56 am
by Sob
1) If you configure clients to use VPN as default gateway, everything from them will go to the router, so it's just a matter of allowing access from them to 192.168.200.0/24. If you don't use VPN as default gateway, you'll need to add a route on clients.
2) Easily with VPN as default gateway. Allow access from VPN clients to WAN and add a correct srcnat/masquerade rule if the main one doesn't cover traffic from VPN clients.
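
The steps from both of Sob's answers, written out as RouterOS commands. This is an added example, not configuration posted by anyone in the thread. The interface name `vlan20-wan`, the `/24` masks and the gateway `192.168.100.1` are placeholders (the real mask and gateway come from the ISP), and the `WAN` interface list is the one the default config creates.

```routeros
# --- WAN: tagged VLAN 20 on ether1 ---
# "vlan20-wan" is a hypothetical name; any name works.
/interface vlan
add name=vlan20-wan interface=ether1 vlan-id=20

# /24 is a placeholder mask; use the one given by the ISP.
/ip address
add address=192.168.100.22/24 interface=vlan20-wan
# Internal side on ether2 (mask assumed from the 192.168.200.0/24 LAN).
add address=192.168.200.2/24 interface=ether2

# 192.168.100.1 is a placeholder gateway; use the one given by the ISP.
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.100.1

# The default firewall and NAT rules match on the WAN list, not on ether1,
# so the VLAN interface has to be a member or it is left unfiltered.
/interface list member
add list=WAN interface=vlan20-wan

# --- VPN clients (pool 192.168.99.100-200) ---
# Explicitly allow only what the clients need. These accepts must sit
# above any drop rule in the forward chain; rule order decides the result.
/ip firewall filter
add chain=forward action=accept \
    src-address=192.168.99.100-192.168.99.200 \
    dst-address=192.168.200.0/24 comment="VPN clients to internal LAN"
add chain=forward action=accept \
    src-address=192.168.99.100-192.168.99.200 \
    out-interface-list=WAN comment="VPN clients to internet"

# Only needed if the existing masquerade rule does not already match
# traffic leaving through the WAN list.
/ip firewall nat
add chain=srcnat action=masquerade \
    src-address=192.168.99.100-192.168.99.200 \
    out-interface-list=WAN comment="NAT VPN clients to WAN"
```

After applying, `/ip firewall filter print` shows the rule order, and `/ip firewall nat print stats` shows whether the masquerade rule is counting packets from the VPN pool.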